The SMTP Agent is required to send or receive messages over the Internet. It is also required to send messages from POP and IMAP mail clients.
To create the SMTP Agent, select the messaging server where you want to create the agent and select SMTP Agent from the Create menu.
In creating the SMTP Agent object, you are prompted for the following information:
| Option | Function | |
|---|---|---|
Global Domain |
The Global Domain is the Internet domain used by your organization. For example, in the e-mail address email_user@company.com, "company.com is the Internet domain. By default, the SMTP Agent's Global Domain corresponds with the messaging server's Official Domain. |
|
Monitored Queue |
A monitored queue is the message queue from which the SMTP Agent picks up messages for remote delivery. A single SMTP Agent can monitor multiple message queues. However, you can only select one monitored queue when creating the SMTP Agent. You can add multiple monitored queues when configuring the agent. Because NMAP Agents manage the message queues, the Monitored Queues property corresponds to NMAP Agents. On a standalone messaging server, WebAdmin automatically selects the NMAP Agent on the current server. In distributed messaging systems, you can select any NMAP Agent on a distributed messaging server. IMPORTANT: If you have a distributed messaging system with multiple NMAP Agents, you must design your system so that each queue agent only processes messages one time as they go from the queue server to the message store. For more information, see Agent Distribution in Distributed Environments. To verify that an SMTP Agent is registered to a particular message queue:
|
|
After you create the SMTP Agent, you must restart the messaging server to load the agent. For information on restarting the messaging server, see Starting and Stopping NetMail.
From the SMTP Agent's configuration menu, you can configure the following options:
| Option | Function | |
|---|---|---|
| Identification |
|
|
| Domains | You must add all the domain and host names that your NetMail system is planning to accept messages in either the Global or Hosting Domains list. In listing the domains that belong to your messaging system, consider the following important points:
|
|
Global Domains |
A listing of the messaging system's native domains. When the SMTP Agent receives a message, it looks at the domain portion of the recipient's e-mail address (everything after the @ symbol). If the addressed domain matches a domain in the Global Domains list, the SMTP Agent removes the domain portion of the address and drops the message in the message queue. Because the SMTP Agent removes Global Domains from the recipient's e-mail address, ensure that the user portion of the e-mail address (everything before the @ symbol) is unique. You can address unique usernames at any global domain. For example, messages addressed to Bob@Novell.com and Bob@Novell.edu are delivered to the same mailbox if Novell.com and Novell.edu are listed as Global Domains and an eDirectory object named Bob exists in an NMAP Agent context. For more information on NMAP Agent contexts, see the Context property in Configuring the NMAP Agent . IMPORTANT: In NetMail 3.5, you do not need to restart the SMTP Agent after adding domains to the Global Domains list. New domains are recognized by the SMTP Agent within 5 minutes. |
|
| Other |
|
|
Message Size Limit |
The maximum message size the SMTP Agent can accept. Because the SMTP Agent handles all Internet traffic, this property limits both incoming and outgoing Internet messages. You can enter any amount between None (no limit) and 40 MB. This does not apply to messages sent using WebAccess or Webmail. While POP and IMAP clients must use the SMTP Agent to put their outbound messages in the NMAP Agent's message queue, the Modular Web Agent can directly communicate with the NMAP Agent. Therefore, it drops its own messages in the message queue, circumventing the SMTP Agent's message limit. Changes to this property are implemented within 5 minutes. |
|
Parent Object |
The Parent object associated with the SMTP Agent. The SMTP Agent recognizes all Global and Hosting Domains listed in its associated Parent objects. See Supporting Multiple Internet Domains for more information. Changes to this property are implemented within 5 minutes. |
|
| Options | ||
| Flags | A series of standard SMTP commands that you can enable on the current SMTP Agent. Select the commands you want the SMTP Agent to accept. Changes to the STMP flags are implemented within 5 minutes. |
|
Allow VRFY Command |
The VRFY command allows external clients to verify that a user exists in your messaging system. If enabled, VRFY can pose a security risk because it allows external users to anonymously request verification of usernames. For example, if spammers want to find out the usernames in your company, they could query the system with a series of usernames until the system verified a valid username. When verifying that a user exists in the messaging system, the SMTP Agent references the context list maintained by the messaging server. If the user is not listed in the context list, the SMTP Agent returns a "User Not Found" message. See the Context property in Configuring the NMAP Agent . for more information on the NMAP Agent's context list. |
|
Allow EXPN Command |
The EXPN command expands a group name upon request and lists all the user names in that group. This command is also considered a security risk because it allows spammers to anonymously request group membership lists. For example, if a spammer makes a request to expand a system-wide group such as Everyone, the SMTP Agent returns the complete membership list, which is, essentially, every username in your organization. |
|
Verify Addresses on Recipient |
By default, the SMTP Agent accepts all incoming messages and places them in a queue where their addresses are verified, as resources are available. This process facilitates rapid message processing. However, if you want the SMTP Agent to perform address verification before accepting messages into your NetMail system, select Verify Addresses on Receipt. IMPORTANT: NetMail Aliasing does not work if Verify Addresses on Recipient is selected. When this option is enabled, the SMTP Agent intercepts messages before they are processed in the message queue; consequently, messages addressed to NetMail aliases are deleted before the Alias Agent can process them. For more information on the Alias Agent, see Managing User Aliases. |
|
Send ETRN |
The SEND ETRN command requests a remote server to send any messages it has queued for your messaging system. This option is primarily for organizations with dial-up Internet connections. For more information, see Servicing ETRN Domains. |
|
Accept ETRN |
The ACCEPT ETRN command allows a remote server to request queued messages. If enabled, the SMTP Agent responds to this request by sending any messages it has queued for that system. ACCEPT ETRN is the only SMTP flag that is selected by default. For more information, see Servicing ETRN Domains. |
|
| Mail Relay Host | A mail relay host is a relay point for remote messages. It is often used to transfer outbound messages through a firewall. ETRN Domains also use Mail Relay Hosts to transfer messages to their relay service. See Servicing ETRN Domains for more information. IMPORTANT: You must restart the smtpd executable to effect any changes in the Mail Relay Host configuration. See Loading and Unloading NetMail Agents for more information. |
|
Forwarder |
To funnel all remote messages through another SMTP Agent rather than having the current SMTP Agent access the Internet, enter the host name or IP address of the SMTP server that you plan to use as the mail relay host. All remote messages going through this SMTP Agent are then forwarded to the SMTP Agent at the designated address. |
|
| UBE Blocking |
|
|
|
This page provides options that block incoming messages from specified sites. These options are designed to protect your messaging system from unsolicited bulk e-mail (UBE) or spam. Changes to these properties are implemented within 5 minutes. |
|
| Flags |
|
|
Block Hosts in Blocked List |
Restricts access to your messaging system. If selected, the SMTP Agent refuses connections from any mail host with an IP address designated in the Blocked Hosts list. |
|
Deny Hosts Not in DNS |
Provides reverse DNS lookups. When receiving messages from external systems, the SMTP Agent verifies that the host's IP address and domain correspond to its DNS record. If they don't match, the SMTP Agent drops the connection. You must configure your DNS server to support reverse DNS lookups for this option to function. |
|
Override with Authentication |
This option provides an exception to the Deny Hosts Not in DNS option. If enabled, hosts that are not listed in DNS are given the opportunity to authenticate with the SMTP Agent before their connection is dropped. |
|
| RBL Check | Enables the SMTP Agent to do lookups on the Realtime Blackhole List (RBL). RBL maintains a list of confirmed spammers and open relays. If the mail host matches an entry on the RBL, the connection is refused. |
|
RBL Servers |
To add an RBL site, type the IP address or host name of the RBL list server in the RBL Servers field, then click Save. Enter one RBL server per line. The RBL entry can include a trailing semicolon ( ; ) and subsequent text. The text following the semicolon is displayed as part of the protocol reply informing the sender he is blocked. The following configuration entry references bl.spamcop.net as the RBL Host and then adds a message directing the sender to the SpamCop Web site: bl.spamcop.net;You have been blackholed by spamcop.net. Please see http://spamcop.net to get removed If the character sequence %d.%d.%d.%d is provided as part of the text, it is replaced by the IP address of the blocked system. Use this feature to generate responses containing URLs that point directly to the RBL system's look-up page. For example, in this configuration entry, bl.spamcop.net;Please see http://spamcop.net/w3m?action=checkblock&ip=%d.%d.%d.%d http://spamcop.net/w3m?action=checkblock&ip is the URL format for SpamCop's lookup page and %d.%d.%d.%d generates the IP address of the blocked host. The resulting protocol reply includes a URL that takes the blocked sender directly to SpamCop's lookup page and tests his or her IP address. IMPORTANT: If a percent sign ( % ) is provided as part of the SMTP message text, type it as %%. Using a single percent sign without the letter "d" might crash the SMTP Agent. |
|
Blocked Hosts |
A list of blocked IP address ranges. If Block Hosts in "Blocked" List is selected, the SMTP Agent refuses connections from any host within the designated IP address range. Listing ranges of registered IP addresses blocks specific external hosts from sending mail to or relaying mail through your messaging system. For example, you can choose to list the IP addresses registered to public mail systems such as Hotmail,* Yahoo!,* and Juno* because spammers frequently use these systems to relay spam. Use this option to block internal hosts. By listing ranges of internal IP addresses, you can block specific workstations from sending any messages over the Internet. To add a blocked host, type a range of disallowed IP addresses in the Blocked Hosts field, then click Save. Enter one blocked host per line.For example: 251.70.2.53-251.70.2.60 |
|
| UBE Relaying |
|
|
|
This page provides options that prevent spammers from using your messaging system to relay unsolicited bulk e-mail (UBE) or spam. Changes to these properties are implemented within 5 minutes. |
|
| Flags |
|
|
Do SMTP-after-POP |
Prohibits users from sending remote messages through the SMTP Agent until they have first authenticated with the messaging system via their POP3 or IMAP4 client. This works for most Internet e-mail clients because these clients always check for e-mail (log in) just before sending messages. This feature also includes the username of the person who authenticated with the messaging system in the message header. This helps track spammers who authenticate with a valid username but fake the message header to mask their identity. SMTP-after-POP requires that you run the Connection Manager Agent and that you configure the Connection Manager options on the messaging server running the SMTP Agent. See SMTP-after-POP for detailed instructions on configuring SMTP-after-POP authentication. WARNING: If you are using a Proxy Server, we recommend that you use ESMTP authentication rather than SMTP-after-POP because the same IP address might be assigned to multiple users. For more information on ESMTP authentication, see the Allow Remote Sending for Authenticated Users Only feature in the SMTP Agent. |
|
Allow Remote Sending for Authenticated Users Only |
Enables Extended SMTP (ESMTP) authentication. If selected, the e-mail client must authenticate through the ESMTP protocol before the SMTP Agent relays its messages to remote recipients. Netscape Communicator and Outlook Express support ESMTP authentication. If both SMTP-after-POP and ESMTP authentication are enabled, they function as an either/or option. If a mail client does not authenticate via POP or IMAP when downloading mail, it must authenticate via ESMTP before it can send remote messages. |
|
Require Sender to Be in "Allowed" List |
Restricts access to your NetMail system by selectively allowing access. If enabled, only mail hosts with an IP address designated in the Allowed Hosts list can relay remote messages through the current SMTP server. If SMTP-after-POP, ESMTP authentication, and Require Sender to Be in "Allowed" List are all enabled, they function as an either/or option. If an e-mail client does not authenticate using of POP or IMAP when downloading mail, it must authenticate using ESMTP or the Allowed Hosts list must include it before it can send remote messages. |
|
Maximum Number of Recipients per E-Mail |
Restricts the number of users who can receive the same message. This option affects both inbound and outbound Internet messages. If a message exceeds the threshold, the SMTP Agent begins at the top of the recipient list and sends the message to the number of recipients designated in this field. You can also configure the ModWeb Mail Module to restrict the number of recipients per message sent by users in the Modular Web client. For information on the ModWeb Mail Module, see Configuring the Mail Module. |
|
| Relaying |
|
|
Allowed Hosts |
A list of allowed IP address ranges. When the Require Sender to Be in "Allowed" List option is selected, only hosts that fall within the designated IP address ranges are allowed to send messages to remote recipients via the current SMTP Agent. If an ISP or corporation has its own Web server, listing the organization's range of registered IP addresses prevents external hosts, such as spammers, from relaying messages through the company's messaging system. In addition to preventing external hosts from relaying messages through your messaging system, you can use the Allowed Hosts list to prevent internal hosts from relaying remote messages. To restrict which workstations outside your organization that you allow to send remote messages, designate ranges of internal IP addresses. If a workstation's IP address is not in an Allowed Hosts range, you can still use the workstation to send messages to users within the local messaging system. To add an allowed host, type a range of allowed IP addresses in the Allowed Hosts field, then click Save. Enter one allowed host per line. For example: 251.70.2.53-251.70.2.60 |
|
Relayed Domains (ETRN) |
ETRN Domains are messaging systems that use a hosting service, such as an ISP or ASP, to send and receive messages over the Internet. These systems have their own messaging servers, agents, and mail directories; however, all their messaging services are local. Consequently, they must use a hosting service to send and receive remote messages. In most instances, ETRN Domains have non-persistent dial-up connections to their ISP or ASP. For more information, see Servicing ETRN Domains. To add an ETRN domain, enter the IP address or host name of the ETRN domain's SMTP server, then click Save. Enter one ETRN domain per line. IMPORTANT: To support these domains, you must click the Accept ETRN option in the Options page. |
|
| Domain Routing |
|
|
Domain Routing |
Domain Routing allows messages addressed to a specified domain to be sent directly to a defined IP address without first going through the DNS server. To add a domain to the Domain Routing list, type the domain name, a space, and then the IP address to which messages should be sent. Enter only one domain per line. For example: testdomain1.com = 130.45.45.109 To remove a domain from the Domain Routing list, select the domain and press Delete. IMPORTANT: You must restart the smtpd executable to effect any changes in the Domain Routing configuration. See Loading and Unloading NetMail Agents for more information. |
|
| Queue Server |
|
|
|
The message queue to which the SMTP Agent delivers messages that need to be processed. Because NMAP Agents manage the message queue, the Queue Server property corresponds to an NMAP Agent. Each SMTP Agent can only have one queue server. On a standalone messaging server, WebAdmin automatically selects the NMAP Agent on the current server. In distributed messaging systems, you can select any NMAP Agent on a distributed messaging server. IMPORTANT: If you have a distributed messaging system with multiple NMAP Agents, you must design your system so that each queue agent only processes messages one time as they go from the queue server to the message store. For more information, see Agent Distribution in Distributed Environments. To verify that an SMTP Agent is registered to a particular queue server:
IMPORTANT: You must restart the smtpd executable to effect any changes in the Queue Server configuration. See Loading and Unloading NetMail Agents for more information. |
|
| Monitored Queues |
|
|
|
A monitored queue is the message queue from which the SMTP Agent picks up messages for remote delivery. A single SMTP Agent can monitor multiple message queues; however, you should not configure multiple SMTP Agents to monitor the same queue. Doing so produces inconsistent results such as duplicate messages. Only one SMTP Agent should monitor each message queue. Because NMAP Agents manage the message queues, the Monitored Queues property corresponds to NMAP Agents. On a standalone messaging server, WebAdmin automatically selects the NMAP Agent on the current server. In distributed messaging systems, you can select any NMAP Agent on a distributed messaging server. IMPORTANT: If you have a distributed messaging system with multiple NMAP Agents, you must design your system so that each queue agent only processes messages one time as they go from the queue server to the message store. For more information, see Agent Distribution in Distributed Environments. To verify that an SMTP Agent is registered to a particular message queue:
Changes to this property are implemented within 5 minutes. |
|
| Status |
|
|
|
By default, the SMTP Agent is enabled. To disable the SMTP Agent:
Disabling the agent prevents the messaging server from launching the SMTP Agent at startup. However, to immediately disable the agent, you must manually unload the smtpd executable or restart the messaging server. For more information on manually unloading NetMail agents or restarting the messaging server, see Starting and Stopping NetMail. After the SMTP Agent is disabled, the messaging server does not launch the smtpd executable again until you select Enabled and restart the messaging server. |
|
By default, the SMTP Agent does not reference the NMAP Agent's context list when sending or receiving remote messages.
The only two instances in which the SMTP Agent references the context list are if VRFY or Allow Remote Sending for Authenticated Users Only are marked. For a more detail explanation, see the Context property in Configuring the NMAP Agent .
If the VRFY option is marked, the SMTP agent references the local context list to verify that a user exists in the local messaging system. If the user is not listed in the Agent's local context list, it returns a "User Not Found" message.
If Allow Remote Sending for Authenticated Users Only is marked, only users who belong to the messaging system can send remote mail via the SMTP Agent. For standalone messaging servers, this means the user must belong to a local NMAP context. For distributed messaging servers, this means that the user must belong to an NMAP context for one of the messaging servers in Internet Services.